#!/bin/sh

# lxc-test-ubuntu: some tests of ubuntu-specific features of lxc.
# Some features of lxc - networking and LSM configuration for instance -
# are generally configured by the distro packages.  This program
# tests the Ubuntu configuration.

# These require the ubuntu lxc package to be installed.

# General lxc functionality testing does not belong here.

# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

set -e

FAIL() {
	echo -n "Failed " >&2
	echo "$*" >&2
	exit 1
}

# Only run on a normally configured ubuntu lxc system
if [ ! -d /sys/class/net/lxcbr0 ]; then
	echo "lxcbr0 is not configured."
	exit 1
fi
if [ "$(id -u)" != "0" ]; then
	echo "ERROR: Must run as root."
	exit 1
fi

for template in ubuntu ubuntu-cloud; do
	# need a different name for each container so dnsmasq doesn't
	# mess us up with its caching
	if which uuidgen 2>&1 > /dev/null; then
		name=$(uuidgen)
	else
		name=lxc-test-$template
	fi

	lxc-create -t $template -n $name || FAIL "creating $template container"
	lxc-start -n $name -d || FAIL "starting $template container"
	lxc-wait -n $name -s RUNNING || FAIL "waiting for $template container to run"

	for tries in `seq 1 20`; do
		lxcip=$(lxc-info -i -n $name -H | head -n 1)
		[ -z "$lxcip" ] || break
		sleep 1
	done
	[ -n "$lxcip" ] || FAIL "to start networking in $template container"

	ping -c 1 $lxcip || FAIL "to ping $template container"
	# Check apparmor
	lxcpid=`lxc-info -n $name -p -H`
	aa=`cat /proc/$lxcpid/attr/current`
	if [ "$aa" != "lxc-container-default-with-nesting (enforce)" -a \
			"$aa" != "lxc-container-default-cgns (enforce)" -a \
			"$aa" != "lxc-container-default (enforce)" ]; then
		FAIL " to correctly set apparmor profile (profile is \"$aa\")"
	fi
	lxc-stop -n $name -k
	lxc-destroy -n $name
done

exit 0
